Xamarin.Essentials' WebAuthenticator vs MSAL?

Newbie Dev 151 Reputation points
2021-03-29T19:42:32.867+00:00

Being a newbie to Xamarin I am not sure if these can be compared.

I am looking at ways to authenticate a user through Xamarin app.

We use Azure AD and my Xamarin app wants to authenticate the staff of our organization. It then needs to access an Azure AD authenticated API.

The 2 options I found:

  1. Xamarin.Essenials' WebAuthenticator, looks like a good option. But I feel like it is for a B2C applications(because it mentions about social authentication). The site mentions this is more secure as there is a middle layer to do the authentication. But when I checked the source code for middle layer(Startup.cs) there were Clientid and client secrets. https://devblogs.microsoft.com/xamarin/authentication-xamarin-essentials-aspnet/?WT.mc_id=DT-MVP-5003277
  2. I also read about MSAL for authenticating users. It is a nuget (and so is the above one) and just takes ClientId(and not the client secret). https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-overview

So I am wondering which would be best in my case: WebAuthenticator or MSAL?

Which is more secure,if it can be compared?

Is there any disadvantage of using either?

Is there a better way to do authentication securely?

Thanks in advance.

Xamarin
Xamarin
A Microsoft open-source app platform for building Android and iOS apps with .NET and C#.
5,296 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,595 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. JessieZhang-MSFT 7,706 Reputation points Microsoft Vendor
    2021-03-30T08:46:00.74+00:00

    Hello,

    Welcome to our Microsoft Q&A platform!

    Many apps require adding user authentication, and this often means enabling your users to sign in their existing Microsoft, Facebook, Google, and now Apple Sign In accounts.

    Microsoft Authentication Library (MSAL) provides an excellent turn-key solution to adding authentication to your app. There's even support for Xamarin apps in their client NuGet package.

    If you're interested in using your own web service for authentication, it's possible to use WebAuthenticator to implement the client side functionality.

    Refer :Xamarin.Essentials: Web Authenticator

    You can choose according to your needs. Both Web Authenticator and Microsoft Authentication Library (MSAL) are maintained by microsoft. Microsoft has taken all kinds of security considerations into account, so feel free to use it.

    Best Regards,

    Jessie Zhang

    ---
    If the response is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.